HACKING WINDOWS XP: Disabling Unneeded Services


 

Here’s another tip from the book–“Hacking Windows XP”, courtesy of Extremetech.

Disabling Unneeded Services

A service is a software application that runs continuously in the background while your computer is on. The Windows operating system has numerous services that run in the background that provide basic functions to the system. Network connectivity, visual support, and external device connectivity such as printer services are all examples of the types of services that the windows services provide. Each of these services that are running in the background take up system resources such as memory and CPU time. Also, during the booting of the operating system, the service has to be loaded. On most computers, there are nearly 20 services that are loaded upon startup. Of these 20 services only a handful are system critical services. All of the others can be disabled. In order to disable a service, first you will need to know more about what the most common services do. Table 8-2 will help you understand what the most common services are, what they do, and if they can be disabled.

Table 8-2 – Common Windows Services in Use

Service Name

Service Use

Automatic Updates

Used to download and then install updates automatically without the user going to Windows Update manually. This service is not system critical and can be disabled but unless you check for updates regularly, it is not recommended to disable this service.

Background Intelligent Transfer Service

A service that transfers data in the background when the connection is not in use. One use of this service is to download updates automatically in the background. This service is not system critical but can impair other services such as automatic updates if it is disabled.

Com+ Event System

Basically controls the notification of certain system events such as log on and log off. The system event notification is dependent on this service. This service is system critical.

Computer Browser

Keeps track of the other computers on your network running the Microsoft Client for networking. This is what provides the list of computers when you are browsing your workgroup computer in My Network Places. This service is not system critical and can be disabled if you do not need the network browsing function.

Cryptographic Services

Basically manages system security certificates as well as provides a database of signatures of key windows files. This service is not system critical but it is required to install many Microsoft programs that want to check system file signatures. It is not recommended to disable this service because doing so would not allow Windows Update to run and install new updates.

DCOM Server Process Launcher

Basically is in charge of starting various other services. This service is required for RPC which is required for over 39 other services to run. Because of that, it is not a good idea to disable this one.

DHCP Client

Provides support for dynamic network configuration. This service is not system critical but is needed for those that do not set their IP address manually.

Distributed Link Tracking Client

Keeps track of links to files on a NTFS volume on your computer or across a network. This service is not system critical and can be disabled.

DNS Client

Resolves domain names into IP addresses as well as caches lookup results. This service is not system critical but you will not be able to browse the internet without it started.

Error Reporting Service

Allows users to report failures of applications directly to Microsoft so that Microsoft may fix bugs in its software if it is the culprit. This service is not system critical and can be safely disabled.

Event Log

Allows event messages to be recorded to be viewed in Event Viewer. This service is system critical and can not be disabled.

Fast User Switching Compatibility

Allows users to switch to other users on the same system without logging off. This service is not system critical and can be safely disabled.

Help and Support

Used for the help and support center. This service is not system critical and can be safely disabled.

HTTP SSL

Allows the personal web server built into Windows XP (IIS 6.0) to provide secure data transfers over HTTP. This service is rarely used since most people never even setup the personal web server on Windows XP. This service is not system critical and can be safely disabled.

Indexing Service

Creates a searchable database of the items on your hard drive. This service is not system critical and can be disabled if you do not search your drive often or can wait a few extra minutes to find a file.

IPSEC Services

Provides IP security for certain secure connections over IP. This service is not system critical and can be safely disabled.

Logical Disk Manager

Detects and monitors new hard disk drives. This service is not system critical but it is used when you are upgrading your hardware and installing additional storage devices or using USB storage devices. If you do not plan on using any of the items above, the service may be safely disabled.

Machine Debug Manager

Provides support for program and script debugging. This service is not system critical and can be safely disabled for most users.

Messenger

Allows users to send text popup messages to computers on the network. This service is abused by spammers to send you advertisements. It is highly recommended that you disable this service.

Network Connections

Provides support for network connectivity. This service is not system critical but it is recommended that it is not disabled.

Network Location Awareness (NLA)

Provides services to computers that share your internet connection. If you do not use the internet connection feature, then you may safely disable this service since it is not a system critical service.

Plug and Play

Allows your computer to detect hardware. This service is system critical and can not be disabled.

Portable Media Serial Number Service

Detects the serial number of an external media device. This service is not system critical and can be safely disabled.

Print Spooler

Provides services to print. This service is not system critical but it is necessary to print from your computer.

Protected Storage

Provides basic security over certain system files. This service is system critical and should not be disabled.

Remote Procedure Call (RPC)

Provides services for other services. This service is system critical and can not be disabled.

Remote Registry (Not included in XP Home)

Allows the system registry to be connected to remotely. This service is not system critical and is recommended that it is disabled.

Secondary Logon

Allows programs to be started under different accounts. This service is system critical.

Security Accounts Manager

A database of local account information. This service is system critical and should not be disabled.

Security Center

Monitors your system security settings to notify you if your settings are insecure. You should keep this service running unless you are confident about your computer’s security. No other services depend on this service and it can be safely disabled given you have a good handle on your security.

Server

Provides the ability to share files and your printer over your network. This service is not system critical and can be safely disabled if you do not share file over a network.

Shell Hardware Detection

Used to detect external storage devices automatically. If you do not use any external storage devices such as external hard drives or memory cards, this service can be safely disabled.

SSDP Discovery Service

Looks for Universal Plug and Play drives on your network. This service is not system critical and can be safely disabled.

System Event Notification

Tracks more system events. This service is system critical and should not be disabled.

System Restore Service

Keeps track of changes made to your system to make restore points. This service is not system critical but it is recommended that it is not disabled.

Task Scheduler

Allows users to schedule and configure tasks. This service is not system critical and can be disabled if you do not need to schedule any tasks to run.

TCP/IP NetBIOS Helper

Allows the NetBIOS network protocol to run over the TCP/IP Protocol. This service is not system critical and can be disabled if you have no use for the NetBIOS protocol.

Terminal Services

Allows users to connect to the computer with remote desktop. This service is not system critical but is used by the remote assistance help feature. It can be safely disabled if you do not need the remote assistance feature.

Themes

This is the service that gives Windows the new look. It allows visual styles to be applied over the normal grey Windows 2000 style windows. This service is not system critical and can be disabled.

WebClient

This service adds support for web-based file management for technologies such as WebDav. Most users will never need to use this service. It is not system critical and can be safely disabled.

Windows Audio

Provides audio support for the operating system. This service is not system critical and can be safely disabled is you would like to give up your sound.

Windows Firewall / Internet Connection Sharing (ICS)

Protects your computer from intruders and malicious programs attacking your computer via your Internet connection. It also provides the ability to share your internet connection among other computers on your local network. This service is not system critical but I do not recommend that you disable it unless you have another personal firewall application installed on your computer.

Windows Image Acquisition (WIA)

Used to acquire data from optical devices such as a scanner or a camera. This service is not system critical and it can be safely disabled if you have no use for it.

Windows Management Instrumentation

Provides system information to applications. This service is system critical and should not be disabled.

Windows Time

This service is in charge of synchronizing the Windows time. If you do not need to have your time synchronized, this service can be safely disabled.

Wireless Zero Configuration

Configures wireless 802.11 devices. If you do not have any wireless hardware installed, you may safely disable this service.

Workstation

Allows your computer to make connections to other computers and servers. This service is not system critical but it is needed for any basic networking.

Now that you know which services can be disabled and which services are important to your system, you can safely speed up your boot by disabling the extra services using the services management tool.

Tip:
Before you begin changing your service setup, set a System Restore Point to easily restore your system to an earlier configuration. However, be careful when you restore from restore points. Any applications or files that were created after the system restore point will be deleted when reverting back to an earlier restore point.

Figure 8-6

clip_image003

clip_image004

click on image for full view

The Services utility is included in all versions of Windows XP and but is hidden away. Do the following to disable a service using the Services utility:

  1. Click on the Start menu and select Run. In the text box type services.msc and click OK. This will start the Services utility as shown in Figure 8-6.
  2. Now that you are in the Services utility, you will see a list of a lot of services on your computer. First you will need to stop the service that you want to disable. Right click on the service name and select Stop on the pop-up menu.
  3. When the service is stopped, right click on the service again and select Properties. Located on the General tab, look for the Startup Type drop-down box. Click on the arrow on the drop-down box and select Disabled.
  4. Click on the OK button and from now on, the system will not start the service any more during boot speeding up your system start.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s